AuthSub 和 Blogger

发布于 2024-09-09 07:52:56 字数 1965 浏览 4 评论 0原文

我正在尝试检索给定用户的博客列表。 我想我已经成功地用所有令牌东西授权了自己,但是当我请求列表博客时,我收到了 302 暂时移动。 我正在使用curl 来发送请求。

在我的回调页面中,我将令牌升级为会话令牌:

$header = array();
$header[] = 'GET /accounts/AuthSubSessionToken HTTP/1.1';
$header[] = 'Authorization: AuthSub token="'.$_GET['token'].'"';

$curl = curl_init('https://www.google.com/accounts/AuthSubSessionToken');
curl_setopt( $curl, CURLOPT_HTTPHEADER, $header );
curl_setopt( $curl, CURLOPT_HEADER, true );
curl_setopt( $curl, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $curl, CURLOPT_SSL_VERIFYPEER, false );
$response = curl_exec( $curl );

我得到以下响应:

HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Date: Thu, 15 Jul 2010 20:08:07 GMT
Expires: Thu, 15 Jul 2010 20:08:07 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 39
Server: GSE

好的,现在我想我已经准备好数据检索,我这样做:

$headers = array();
$headers[] = 'GET /feeds/default/blogs HTTP/1.1';
$headers[] = 'Authorization: AuthSub token="'.$token.'"';
$headers[] = 'Host: www.blogger.com';

$curl = curl_init( 'http://www.blogger.com' );
curl_setopt( $curl, CURLOPT_CONNECTTIMEOUT, 5 );
curl_setopt( $curl, CURLOPT_TIMEOUT, 5 );
curl_setopt( $curl, CURLOPT_PORT, 80 );
curl_setopt( $curl, CURLOPT_HEADER, true );
curl_setopt( $curl, CURLOPT_HTTPHEADER, $headers );
curl_setopt( $curl, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $curl, CURLOPT_SSL_VERIFYHOST, false );
curl_setopt( $curl, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt( $curl, CURLOPT_FOLLOWLOCATION, true );
curl_setopt( $curl, CURLOPT_MAXREDIRS, 5);
$reply = curl_exec( $curl );

但我总是收到 302 暂时移动。 我检查过我没有启用 safe_mode 或 openbasedir 来允许 CURLOPT_FOLLOWLOCATION 工作,并且我还检查了

curl_getinfo( $curl, CURLINFO_EFFECTIVE_URL );

最后请求的 url 是什么,以确保curl 正在尝试重定向。

也许我做错了一些 AuthSub 步骤?

PD:显然我省略了提取会话令牌的代码,但我仔细检查了它并获取了标头的正确部分。

I'm trying to retrieve a list of blogs of a given user.
I think I've successivelly authorizated myself with all the token stuff, but when I ask for the list blog, I recieve a 302 moved temporarily.
I'm using curl to send the requests.

In my callback page, I upgrade the token to a session token:

$header = array();
$header[] = 'GET /accounts/AuthSubSessionToken HTTP/1.1';
$header[] = 'Authorization: AuthSub token="'.$_GET['token'].'"';

$curl = curl_init('https://www.google.com/accounts/AuthSubSessionToken');
curl_setopt( $curl, CURLOPT_HTTPHEADER, $header );
curl_setopt( $curl, CURLOPT_HEADER, true );
curl_setopt( $curl, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $curl, CURLOPT_SSL_VERIFYPEER, false );
$response = curl_exec( $curl );

I obtain this response:

HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Date: Thu, 15 Jul 2010 20:08:07 GMT
Expires: Thu, 15 Jul 2010 20:08:07 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 39
Server: GSE

Ok, now I think I'm ready to data retrieval, I do this:

$headers = array();
$headers[] = 'GET /feeds/default/blogs HTTP/1.1';
$headers[] = 'Authorization: AuthSub token="'.$token.'"';
$headers[] = 'Host: www.blogger.com';

$curl = curl_init( 'http://www.blogger.com' );
curl_setopt( $curl, CURLOPT_CONNECTTIMEOUT, 5 );
curl_setopt( $curl, CURLOPT_TIMEOUT, 5 );
curl_setopt( $curl, CURLOPT_PORT, 80 );
curl_setopt( $curl, CURLOPT_HEADER, true );
curl_setopt( $curl, CURLOPT_HTTPHEADER, $headers );
curl_setopt( $curl, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $curl, CURLOPT_SSL_VERIFYHOST, false );
curl_setopt( $curl, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt( $curl, CURLOPT_FOLLOWLOCATION, true );
curl_setopt( $curl, CURLOPT_MAXREDIRS, 5);
$reply = curl_exec( $curl );

But I always receive a 302 moved temporarily.
I've checked I have not enabled safe_mode nor openbasedir to allow CURLOPT_FOLLOWLOCATION work, and I also checked with

curl_getinfo( $curl, CURLINFO_EFFECTIVE_URL );

what was the last url requested to be sure curl is trying the redirect.

Maybe I did some AuthSub step wrong?

PD: Obviously I ommited the code that extracts the session-token, but I double checked it and I grab the correct part of the header.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

情深已缘浅 2024-09-16 07:52:56

如果您检查 curl_getinfo($curl); 的输出,您会得到redirect_count 吗?如果是这样:如果是 5,我会将 maxredirs 设置得更高。

如果没有,我会设置

curl_setopt($curl,CURLOPT_VERBOSE,true);
curl_setopt($curl,CURLOPT_STDERR, STDOUT)

...并检查它的输出。

也许就像设置这个一样简单(从未使用过博客界面):

curl_setopt($curl,CURLOPT_UNRESTRICTED_AUTH,true);

If you examine the output of curl_getinfo($curl);, do you get a redirect_count? If so: if it's 5 I'd set the maxredirs higher.

If not, I'd set

curl_setopt($curl,CURLOPT_VERBOSE,true);
curl_setopt($curl,CURLOPT_STDERR, STDOUT)

... and examine it's output.

Maybe it's as simple as setting this (never worked with the blogger interface):

curl_setopt($curl,CURLOPT_UNRESTRICTED_AUTH,true);
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文